Merge "Sanitize inputs for PreferredSimFallbackProvider.query()"

commit: e96458ef747e2f33b371aebe08e91f5aa458f6de [log] [tgz]
author: Treehugger Robot <treehugger-gerrit@google.com> Tue Mar 13 20:24:28 2018 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Tue Mar 13 20:24:28 2018 +0000
tree: 955f50f0db9d423c80189e5e32f29427f09673e4
parent: 0263423e5b344493de6daf60beed609edee6266f [diff]
parent: 019aa3485c6c4c31f0835916865b7cb38274c024 [diff]
diff --git a/java/com/android/dialer/preferredsim/impl/PreferredSimFallbackProvider.java b/java/com/android/dialer/preferredsim/impl/PreferredSimFallbackProvider.java
index 2263e9e..515ed96 100644
--- a/java/com/android/dialer/preferredsim/impl/PreferredSimFallbackProvider.java
+++ b/java/com/android/dialer/preferredsim/impl/PreferredSimFallbackProvider.java

@@ -21,12 +21,14 @@
 import android.content.ContentValues;
 import android.content.pm.PackageManager;
 import android.database.Cursor;
+import android.database.sqlite.SQLiteQueryBuilder;
 import android.net.Uri;
 import android.support.annotation.NonNull;
 import android.support.annotation.Nullable;
 import android.text.TextUtils;
 import com.android.dialer.preferredsim.PreferredSimFallbackContract;
 import com.android.dialer.preferredsim.PreferredSimFallbackContract.PreferredSim;
+import com.google.common.collect.ImmutableMap;
 
 /**
  * Content provider for preferred SIM columns that is only available in ContactsProvider after P.
@@ -39,6 +41,15 @@
 
   private static final String UPDATE_ID_SELECTION = PreferredSim.DATA_ID + " = ?";
 
+  private static final ImmutableMap<String, String> PROJECTION_MAP =
+      ImmutableMap.of(
+          PreferredSim.DATA_ID,
+          PreferredSim.DATA_ID,
+          PreferredSim.PREFERRED_PHONE_ACCOUNT_COMPONENT_NAME,
+          PreferredSim.PREFERRED_PHONE_ACCOUNT_COMPONENT_NAME,
+          PreferredSim.PREFERRED_PHONE_ACCOUNT_ID,
+          PreferredSim.PREFERRED_PHONE_ACCOUNT_ID);
+
   private PreferredSimDatabaseHelper databaseHelper;
 
   @Override
@@ -56,16 +67,18 @@
       @Nullable String[] selectionArgs,
       @Nullable String sortOrder) {
     checkReadContactsPermission();
-    return databaseHelper
-        .getReadableDatabase()
-        .query(
-            PreferredSimDatabaseHelper.TABLE,
-            projection,
-            selection,
-            selectionArgs,
-            null,
-            null,
-            sortOrder);
+    SQLiteQueryBuilder queryBuilder = new SQLiteQueryBuilder();
+    queryBuilder.setStrict(true);
+    queryBuilder.setProjectionMap(PROJECTION_MAP);
+    queryBuilder.setTables(PreferredSimDatabaseHelper.TABLE);
+    return queryBuilder.query(
+        databaseHelper.getReadableDatabase(),
+        projection,
+        selection,
+        selectionArgs,
+        null,
+        null,
+        sortOrder);
   }
 
   @Nullable
commit	e96458ef747e2f33b371aebe08e91f5aa458f6de	[log] [tgz]
author	Treehugger Robot <treehugger-gerrit@google.com>	Tue Mar 13 20:24:28 2018 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Tue Mar 13 20:24:28 2018 +0000
tree	955f50f0db9d423c80189e5e32f29427f09673e4
parent	0263423e5b344493de6daf60beed609edee6266f [diff]
parent	019aa3485c6c4c31f0835916865b7cb38274c024 [diff]